Hello community,
here is the log from the commit of package rubygem-rest-client for
openSUSE:Factory checked in at 2017-04-11 09:32:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-rest-client (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rest-client.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-rest-client"
Tue Apr 11 09:32:26 2017 rev:9 rq:479682 version:2.0.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-rest-client/rubygem-rest-client.changes
2015-03-01 14:46:35.000000000 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-rest-client.new/rubygem-rest-client.changes
2017-04-11 09:32:28.308650349 +0200
@@ -1,0 +2,149 @@
+Mon Feb 20 05:39:23 UTC 2017 - [email protected]
+
+- updated to version 2.0.1
+ see installed history.md
+
+ # 2.0.1
+
+ - Warn if auto-generated headers from the payload, such as Content-Type,
+ override headers set by the user. This is usually not what the user wants
to
+ happen, and can be surprising. (#554)
+ - Drop the old check for weak default TLS ciphers, and use the built-in Ruby
+ defaults. Ruby versions from Oct. 2014 onward use sane defaults, so this is
+ no longer needed. (#573)
+
+-------------------------------------------------------------------
+Mon Jul 4 04:39:18 UTC 2016 - [email protected]
+
+- updated to version 2.0.0
+ see installed history.md
+
+ # 2.0.0
+
+ This release is largely API compatible, but makes several breaking changes.
+
+ - Drop support for Ruby 1.9
+ - Allow mime-types as new as 3.x (requires ruby 2.0)
+ - Respect Content-Type charset header provided by server. Previously,
+ rest-client would not override the string encoding chosen by Net::HTTP. Now
+ responses that specify a charset will yield a body string in that encoding.
+ For example, `Content-Type: text/plain; charset=EUC-JP` will return a
String
+ encoded with `Encoding::EUC_JP`. (#361)
+ - Change exceptions raised on request timeout. Instead of
+ `RestClient::RequestTimeout` (which is still used for HTTP 408), network
+ timeouts will now raise either `RestClient::Exceptions::ReadTimeout` or
+ `RestClient::Exceptions::OpenTimeout`, both of which inherit from
+ `RestClient::Exceptions::Timeout`. For backwards compatibility, this still
+ inherits from `RestClient::RequestTimeout` so existing uses will still
work.
+ This may change in a future major release. These new timeout classes also
+ make the original wrapped exception available as `#original_exception`.
+ - Unify request exceptions under `RestClient::RequestFailed`, which still
+ inherits from `ExceptionWithResponse`. Previously, HTTP 304, 401, and 404
+ inherited directly from `ExceptionWithResponse` rather than from
+ `RequestFailed`. Now _all_ HTTP status code exceptions inherit from both.
+ - Rename the `:timeout` request option to `:read_timeout`. When `:timeout` is
+ passed, now set both `:read_timeout` and `:open_timeout`.
+ - Change default HTTP Accept header to `*/*`
+ - Use a more descriptive User-Agent header by default
+ - Drop RC4-MD5 from default cipher list
+ - Only prepend http:// to URIs without a scheme
+ - Fix some support for using IPv6 addresses in URLs (still affected by Ruby
+ 2.0+ bug https://bugs.ruby-lang.org/issues/9129, with the fix expected to
be
+ backported to 2.0 and 2.1)
+ - `Response` objects are now a subclass of `String` rather than a `String`
that
+ mixes in the response functionality. Most of the methods remain unchanged,
+ but this makes it much easier to understand what is happening when you look
+ at a RestClient response object. There are a few additional changes:
+ - Response objects now implement `.inspect` to make this distinction
clearer.
+ - `Response#to_i` will now behave like `String#to_i` instead of returning
the
+ HTTP response code, which was very surprising behavior.
+ - `Response#body` and `#to_s` will now return a true `String` object rather
+ than self. Previously there was no easy way to get the true `String`
+ response instead of the Frankenstein response string object with
+ AbstractResponse mixed in.
+ - Response objects no longer accept an extra request args hash, but instead
+ access request args directly from the request object, which reduces
+ confusion and duplication.
+ - Handle multiple HTTP response headers with the same name (except for
+ Set-Cookie, which is special) by joining the values with a comma space,
+ compliant with RFC 7230
+ - Rewrite cookie support to be much smarter and to use cookie jars
consistently
+ for requests, responses, and redirection in order to resolve long-standing
+ complaints about the previously broken behavior: (#498)
+ - The `:cookies` option may now be a Hash of Strings, an Array of
+ HTTP::Cookie objects, or a full HTTP::CookieJar.
+ - Add `RestClient::Request#cookie_jar` and reimplement `Request#cookies` to
+ be a wrapper around the cookie jar.
+ - Still support passing the `:cookies` option in the headers hash, but now
+ raise ArgumentError if that option is also passed to
`Request#initialize`.
+ - Warn if both `:cookies` and a `Cookie` header are supplied.
+ - Use the `Request#cookie_jar` as the basis for `Response#cookie_jar`,
+ creating a copy of the jar and adding any newly received cookies.
+ - When following redirection, also use this same strategy so that cookies
+ from the original request are carried through in a standards-compliant
way
+ by the cookie jar.
+ - Don't set basic auth header if explicit `Authorization` header is specified
+ - Add `:proxy` option to requests, which can be used for thread-safe
+ per-request proxy configuration, overriding `RestClient.proxy`
+ - Allow overriding `ENV['http_proxy']` to disable proxies by setting
+ `RestClient.proxy` to a falsey value. Previously there was no way in Ruby
2.x
+ to turn off a proxy specified in the environment without changing `ENV`.
+ - Add actual support for streaming request payloads. Previously rest-client
+ would call `.to_s` even on RestClient::Payload::Streamed objects. Instead,
+ treat any object that responds to `.read` as a streaming payload and pass
it
+ through to `.body_stream=` on the Net:HTTP object. This massively reduces
the
+ memory required for large file uploads.
+ - Changes to redirection behavior: (#381, #484)
+ - Remove `RestClient::MaxRedirectsReached` in favor of the normal
+ `ExceptionWithResponse` subclasses. This makes the response accessible on
+ the exception object as `.response`, making it possible for callers to
tell
+ what has actually happened when the redirect limit is reached.
+ - When following HTTP redirection, store a list of each previous response
on
+ the response object as `.history`. This makes it possible to access the
+ original response headers and body before the redirection was followed.
+ - Follow redirection consistently, regardless of whether the HTTP method
was
+ passed as a symbol or string. Under the hood rest-client now normalizes
the
+ HTTP request method to a lowercase string.
+ - Add `:before_execution_proc` option to `RestClient::Request`. This makes it
+ possible to add procs like `RestClient.add_before_execution_proc` to a
single
+ request without global state.
+ - Run tests on Travis's beta OS X support.
+ - Make `Request#transmit` a private method, along with a few others.
+ - Refactor URI parsing to happen earlier, in Request initialization.
+ - Improve consistency and functionality of complex URL parameter handling:
+ - When adding URL params, handle URLs that already contain params.
+ - Add new convention for handling URL params containing deeply nested
arrays
+ and hashes, unify handling of null/empty values, and use the same code
for
+ GET and POST params. (#437)
+ - Add the RestClient::ParamsArray class, a simple array-like container that
+ can be used to pass multiple keys with same name or keys where the
ordering
+ is significant.
+ - Add a few more exception classes for obscure HTTP status codes.
+ - Multipart: use a much more robust multipart boundary with greater entropy.
+ - Make `RestClient::Payload::Base#inspect` stop pretending to be a String.
+ - Add `Request#redacted_uri` and `Request#redacted_url` to display the URI
+ with any password redacted.
+
+ # 2.0.0.rc1
+
+ Changes in the release candidate that did not persist through the final 2.0.0
+ release:
+ - RestClient::Exceptions::Timeout was originally going to be a direct
subclass
+ of RestClient::Exception in the release candidate. This exception tree was
+ made a subclass of RestClient::RequestTimeout prior to the final release.
+
+-------------------------------------------------------------------
+Tue Mar 24 05:30:07 UTC 2015 - [email protected]
+
+- updated to version 1.8.0
+ - Security: implement standards compliant cookie handling by adding a
+ dependency on http-cookie. This breaks compatibility, but was necessary to
+ address a session fixation / cookie disclosure vulnerability.
+ (#369 / CVE-2015-1820)
+
+ Previously, any Set-Cookie headers found in an HTTP 30x response would be
+ sent to the redirection target, regardless of domain. Responses now expose a
+ cookie jar and respect standards compliant domain / path flags in Set-Cookie
+ headers.
+
+-------------------------------------------------------------------
@@ -4,0 +154 @@
+ Security: redact password in URI from logs (#349 / OSVDB-117461)
Old:
----
rest-client-1.7.3.gem
New:
----
rest-client-2.0.1.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-rest-client.spec ++++++
--- /var/tmp/diff_new_pack.LpZP3D/_old 2017-04-11 09:32:28.836575772 +0200
+++ /var/tmp/diff_new_pack.LpZP3D/_new 2017-04-11 09:32:28.836575772 +0200
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-rest-client
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,12 +24,12 @@
#
Name: rubygem-rest-client
-Version: 1.7.3
+Version: 2.0.1
Release: 0
%define mod_name rest-client
%define mod_full_name %{mod_name}-%{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: %{ruby >= 1.9.2}
+BuildRequires: %{ruby >= 2.0.0}
BuildRequires: %{rubygem gem2rpm}
BuildRequires: ruby-macros >= 5
BuildRequires: update-alternatives
@@ -52,7 +52,7 @@
%install
%gem_install \
--symlink-binaries \
- --doc-files="LICENSE README.rdoc history.md" \
+ --doc-files="LICENSE README.md history.md" \
-f
%gem_packages
++++++ rest-client-1.7.3.gem -> rest-client-2.0.1.gem ++++++
++++ 7799 lines of diff (skipped)
